package com.situ.hotel.controller;

import com.situ.hotel.pojo.User;
import com.situ.hotel.service.IUserService;
import com.situ.hotel.service.impl.UserServiceImpl;
import com.situ.hotel.utils.JSONResult;
import com.situ.hotel.utils.JSONUtil;
import org.springframework.util.StringUtils;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

@WebServlet("/login")
public class LoginServlet extends HttpServlet {
    private IUserService userService = new UserServiceImpl();

    @Override
    protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        String method = req.getParameter("method");
        switch (method) {
            case "login":
                login(req, resp);
                break;
            case "logout":
                logout(req, resp);
                break;
        }
    }

    private void login(HttpServletRequest req, HttpServletResponse resp) {
        System.out.println("LoginServlet.login");
        String name = req.getParameter("name");
        String password = req.getParameter("password");
        String code = req.getParameter("code");

        // 先判断验证码是不是正确
        // 验证码错误，返回一个错误提示信息
        // 验证码正确，再验证用户名和密码是否正确
        HttpSession session = req.getSession();
        String codeInSession = (String) session.getAttribute("codeInSession");
        if (StringUtils.isEmpty(code) || !codeInSession.equalsIgnoreCase(code)) {
            JSONUtil.obj2Json(JSONResult.error("验证码为空或错误"), resp);
            return;
        }

        User user = userService.login(name, password);
        if (user != null) {
            //虽然查出这个用户，但是要判断这个用户是不是可用status==1
            if (user.getStatus() != 1) {
                JSONUtil.obj2Json(JSONResult.error("该用户已经被禁用"), resp);
                return;
            }

            //登录上之后，把这个凭证保存到Session里面
            session.setAttribute("user", user);
            JSONUtil.obj2Json(JSONResult.ok("登录成功"), resp);
        } else {
            JSONUtil.obj2Json(JSONResult.error("用户名或密码错误"), resp);
        }
    }

    private void logout(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        System.out.println("LoginServlet.logout");
        //退出原理：删除在Session中的凭证，
        HttpSession session = req.getSession();
        //session.removeAttribute("user");
        session.invalidate();

        //然后重定向到登录界面
        resp.sendRedirect(req.getContextPath() + "/login.jsp");
    }


}
